CVE-2014-9449

Priority
Description
Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp
in Exiv2 0.24 allows remote attackers to cause a denial of service (crash)
via a long IKEY INFO tag value in an AVI file.
Assigned-to
mdeslaur
Notes
Package
Source: exiv2 (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [code not present])
Patches:
Upstream:http://dev.exiv2.org/projects/exiv2/repository/revisions/3264
More Information

Updated: 2019-12-05 18:38:50 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)